According to a report from Bleeping Computer, a security researcher found a new family of Android malware on the Google Play Store that discreetly subscribed users to premium services.
Known as Autolycos, the new Android virus was found by Maxime Ingrao, a security researcher at the cybersecurity firm Evina. The malware, which was discovered by Ingrao for the first time in June 2021, has infected eight Play Store apps that have received over three million downloads.
All of these malicious programs enticed users to download them by promising improved camera or keyboard features.
Without the owner’s knowledge or consent, they occasionally even subscribed to premium versions of the infected apps. They wouldn’t be aware until they got a bill and a notice that the money had been taken from their credit or debit cards.
Despite the fact that the researcher first alerted Google to the Autolycos malware in June 2021, it took the search engine giant nearly six months to delete six of the infected apps from the Play Store. Furthermore, only after Bloomberg published their piece on the Autolycos spyware were the two remaining infected apps removed.
The full list of applications affected by the Autolycos malware is shown below, along with number of downloads:
- Vlog Star Video Editor:- 1 million downloads
- Creative 3D Launcher:- 1 million downloads
- Wow Beauty Camera:- 100,000 downloads
- Gif Emoji Keyboard:- 100,000 downloads
- Freeglow Camera 1.0.0:- 5,000 downloads
- Coco camera V1.1:- 1,000 downloads
- Funny Camera by KellyTech:- Over 50,000 downloads
- Razer Keyboard & Theme by rxcheldiolola:- Over 50,000 downloads
To attract a significant number of new users, the cybercriminals behind the attack advertised the apps on several Facebook pages and used Facebook and Instagram ads.
Users were made aware of the apps that were being promoted by the advertising campaigns, which increased their likelihood of installing them quickly. As a result, the apps received a lot of downloads and rose to the top of the Play Store charts.
We advise to check to see whether any of the aforementioned infected apps are present on your Android smartphone, and if they are, uninstall them right once to keep secure. On your devices, keep an eye on the battery life of your apps, background internet usage, Play Protect status, and download as few apps as you can.